Sara Friedman

Sara Friedman joined Inside Cybersecurity in February 2020. Previously, she covered government IT for GCN and education technology for THE Journal and Campus Technology. She graduated from Ithaca College with bachelor’s degrees in journalism and politics.

Connections
Archived Articles
Daily News | May 24, 2024

The House Armed Services Committee added amendments to the fiscal year 2025 defense authorization bill in a mark-up session requiring federal contractors to have a vulnerability disclosure policy and ordering studies from the Pentagon on critical infrastructure threats.

Daily News | May 22, 2024

The House Armed Services Committee kicks off the process today of marking up the fiscal year 2025 defense authorization bill, with proposals on the table to secure mobile devices used within the Defense Department, bring on voluntary cyber experts and address concerns over artificial intelligence costs.

Daily News | May 20, 2024

A proposed rule to amend the Defense Department’s acquisition policies for the Cybersecurity Maturity Model Certification program has entered the Office of Management and Budget review process.

Daily News | May 16, 2024

The National Institute of Standards and Technology's final update to two publications focused on controlled unclassified information puts in place "organization-defined parameters" and the ability for agencies to make determinations on what meets their needs.

Daily News | April 16, 2024

MITRE has raised issues with potential costs for contractors who want to do business with the Defense Department in addressing assessment gaps and accommodating for potential future changes in the maturity model for the upcoming Pentagon cyber certification program, in response to a proposed rule to implement the program.

The Insider | March 28, 2024

The National Defense Information Sharing and Analysis Center has published a "shopping guide" to help small and medium-sized businesses pick an assessor who meets their needs to reach compliance with the Pentagon's Cybersecurity Maturity Model Certification program.

Daily News | March 28, 2024

The Coalition for Government Procurement is seeking clarity on how the Defense Department will allow external service providers to play a role in achieving compliance with the Pentagon's Cybersecurity Maturity Model Certification program, in a filing on the proposed rule to implement the effort.

Daily News | March 19, 2024

The Canadian government is asking the Defense Department to facilitate establishing reciprocity between the Pentagon's Cybersecurity Maturity Model Certification program and Canada's new cybersecurity framework, in response to a DOD proposed rule to implement the U.S. initiative.

Daily News | March 19, 2024

The Edison Electric Institute is making recommendations for how controlled unclassified information should be addressed in Defense Department contracts with Cybersecurity Maturity Model Certification requirements in a manner that aligns with current practices for sharing sensitive data in the electric sector.

Daily News | March 14, 2024

Wireless group CTIA supports the Defense Department's decision to create an exemption for telecommunications providers under the Cybersecurity Maturity Model Certification program, while asking for more guidance on the trigger for applicability in the response to a proposed rule on implementation.

Daily News | March 13, 2024

The Office of Advocacy at the Small Business Administration has outlined four areas of concern in the Pentagon's proposed rule to implement the Cybersecurity Maturity Model Certification program.

Daily News | March 12, 2024

The Defense Department has finalized a rulemaking to expand eligibility requirements for its defense industrial base information sharing program.

Daily News | March 12, 2024

The American Gas Association is asking the Defense Department to consider potential avenues where contractors and subcontractors can use cyber policies at other agencies to fulfill requirements under the Cybersecurity Maturity Model Certification program.

Daily News | March 6, 2024

The Information Technology Industry Council sees an opportunity for the Pentagon's Cybersecurity Maturity Model Certification program to become a standard across the federal government, according to a filing from the trade association on the first CMMC proposed rule.

Daily News | March 5, 2024

The Professional Services Council is calling for the Defense Department to do further analysis on potential costs for contractors and their suppliers to comply with the Cybersecurity Maturity Model Certification program before finalizing proposed regulations.

Daily News | March 4, 2024

The accreditation body behind the Pentagon's Cybersecurity Maturity Model Certification program is suggesting changes to the proposed rule to implement the major initiative, including involving the Defense Department in the assessment appeals process and establishing consistency in conflict-of-interest requirements.

Daily News | March 1, 2024

A coalition of industry groups led by the U.S. Chamber of Commerce is seeking flexibility when it comes to implementing requirements in the Pentagon’s Cybersecurity Maturity Model Certification program, arguing that it is needed to address compliance costs as work to finalize regulations gets underway.

Daily News | February 29, 2024

The Aerospace Industries Association is asking the Defense Department to provide information on how it will address flow-down requirements and the roles and responsibilities for primes and subcontractors, in response to the first proposed rule for the Pentagon's Cybersecurity Maturity Model Certification program.

Daily News | February 28, 2024

A coalition representing large defense and tech groups is asking the Defense Department to provide clarity on marking controlled unclassified information, defining responsibilities in contracts and flexibility on addressing assessment gaps, in formal comments on the first proposed rule for the Pentagon's Cybersecurity Maturity Model Certification program.

Daily News | February 27, 2024

The Pentagon's Cybersecurity Maturity Model Certification program enters a new stage this week with the end of the public comment period for a massive, proposed rulemaking that sets up parameters to implement the long-awaited initiative.

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.